noccy
/
php-simple-jwt
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity
php-simple-jwt/src/Validator/JwtValidator.php

84 lines
2.1 KiB
PHP
Raw Blame History

<?php
namespace NoccyLabs\SimpleJwt\Validator;
use NoccyLabs\SimpleJwt\JwtToken;
use NoccyLabs\SimpleJwt\Key\KeyInterface;
class JwtValidator
{
private $requireHeaders = [];
private $requireClaims = [];
private $requireIssuer = [];
private $requireAudience = [];
public function __construct()
{
$this->requireHeaders = [
'alg',
'typ',
];
}
public function addRequiredClaim(string $name)
{
if (!in_array($name, $this->requireClaims)) {
return;
}
$this->requireClaims[] = $name;
}
public function requireIssuer($issuer)
{
$this->requireIssuer = (array)$issuer;
}
public function requireAudience($audience)
{
$this->requireAudience = (array)$audience;
}
public function validateToken(JwtToken $token)
{
if (!$token->isValid()) {
throw new JwtTokenException("The token is not valid");
}
if (!$token->header->hasAll($this->requireHeaders)) {
throw new JwtHeaderException("The token is missing one or more required headers");
}
if (!$token->claims->hasAll($this->requireClaims)) {
throw new JwtHeaderException("The token is missing one or more required claims");
}
if ($this->requireIssuer) {
$hasIssuer = $token->header->has("iss");
if ((!$hasIssuer)
|| (!in_array($token->header->get("iss"), $this->requireIssuer)))
throw new JwtTokenException("Invalid issuer");
}
if ($this->requireAudience) {
$hasAudience = $token->header->has("aud");
if ((!$hasAudience)
|| (!in_array($token->header->get("aud"), $this->requireAudience)))
throw new JwtTokenException("Invalid audience");
}
return true;
}
public function validate(KeyInterface $key, string $raw)
{
$token = new JwtToken($key, $raw);
if ($this->validateToken($token)) {
return $token;
}
}
}
Reference in New Issue View Git Blame Copy Permalink